WPScan installation.
wget http://wpscan.googlecode.com/files/wpscan-1.0.zip
unzip wpscan-1.0.zip
sudo apt-get install libcurl4-gnutls-dev rubygems1.8 ruby
sudo gem install typhoeus
sudo gem install xml-simple
apt-get install wpscan
cd /pentest/web/wpscan/
EXAMPLES
Do 'non-intrusive' checks...
ruby ./wpscan.rb --url www.example.com
Do wordlist password brute force on enumerated users using 50 threads...
ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
Do wordlist password brute force on the 'admin' username only...
ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin
Generate a new 'most popular' plugin list, up to 150 pages...
ruby ./wpscan.rb --generate_plugin_list 150
Enumerate instaled plugins...
ruby ./wpscan.rb --url www.example.com --enumerate p
No comments:
Post a Comment